Supabase is seeking an Internal Auditor to join its Security and Compliance team and help strengthen governance, risk management, and regulatory compliance across the organization. This role plays a key part in supporting Supabase’s rapid growth by leading audit initiatives, coordinating with cross-functional teams, and ensuring compliance with key industry standards. The Internal Auditor will collaborate with engineering, product, infrastructure, and security teams to maintain strong internal controls and ensure that compliance processes align with modern development workflows.
Responsibilities:
- Lead audit readiness and execution for compliance frameworks such as SOC 2, ISO 27001, and PCI DSS
- Manage compliance lifecycle processes using platforms such as Vanta, Drata, or similar GRC tools
- Coordinate cross-functional audit activities to gather evidence and remediate findings
- Design and implement scalable internal audit programs that support company growth
- Partner with external auditors to ensure smooth certification processes and timely completion
- Track compliance metrics and report audit progress, risk areas, and remediation status to leadership
Requirements:
- Minimum of 5 years of experience in internal audit, compliance, or governance, risk, and compliance (GRC) roles
- Hands-on experience supporting or leading SOC 2, ISO 27001, and PCI DSS audits
- Familiarity with compliance platforms such as Vanta, Drata, or Secureframe
- Ability to translate compliance requirements into practical processes that work for engineering teams
- Strong communication skills with the ability to work across technical and non-technical stakeholders
- Experience working in remote or globally distributed teams with strong self-management skills
Benefits:
- Fully remote global work environment with coworking allowance
- Employee stock ownership plan (ESOP)
- Comprehensive health insurance coverage for employees and dependents
- Annual professional development and education allowance
This position provides an opportunity to shape compliance practices at a fast-growing developer platform while helping maintain high security and governance standards.